I’ve spent the weekend updating my app to use the DIDSession (vs old 3idConnect). First steps were easy, woot.
However, I also use did.createDagJWE, and it turns out that a DID from one session cannot decrypt a JWE from another session. Setting did.parent as a recipient is no good either as it’s an unsupportedDidMethod. Makes sense, as each session’s DID is actually unrelated.
Any suggestions how I can use both DIDSession & createDagJWE? Or should I just use a different method of encrypting my data?
It’s a bit of an icky workaround, but from the it-works viewpoint… well, it works.
Is there any obvious reason this is a terrible idea? The signature should have plenty of entropy, and worst-case scenario is an attacker gaining control of the signer (at which point it is pretty hard to mitigate).